Abstract
In this paper, we construct the first tightly secure signature scheme against adaptive chosen message attacks (CMA) from the Decisional Composite Residuosity (DCR) Assumption. Moreover, the verification key in our scheme is of constant size. Based on the DCR assumption, we design a one-time secure signature scheme first, then we employ a flat tree structure to obtain a signature scheme that is secure against non-adaptive chosen message attacks (NCMA). By combining the one-time scheme and NCMA-secure scheme, we obtain the final CMA-secure signature scheme with a tight security reduction to the DCR assumption.
Full Text
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call